projects / Packages / TYPO3.CMS.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[TASK] Use name-resolution instead of strings where possible: 9
[Packages/TYPO3.CMS.git] / typo3 / sysext / saltedpasswords / Tests / Unit / Salt / BlowfishSaltTest.php
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Tests\Unit\Salt;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * Testcase for BlowfishSalt
19 *
20 * @author Marcus Krause <marcus#exp2009@t3sec.info>
21 */
22 class BlowfishSaltTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
23
24 /**
25 * Keeps instance of object to test.
26 *
27 * @var \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt
28 */
29 protected $objectInstance = NULL;
30
31 /**
32 * Sets up the fixtures for this testcase.
33 *
34 * @return void
35 */
36 public function setUp() {
37 $this->objectInstance = $this->getMock(\TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class, array('dummy'));
38 }
39
40 /**
41 * Marks tests as skipped if the blowfish method is not available.
42 *
43 * @return void
44 */
45 protected function skipTestIfBlowfishIsNotAvailable() {
46 if (!CRYPT_BLOWFISH) {
47 $this->markTestSkipped('Blowfish is not supported on your platform.');
48 }
49 }
50
51 /**
52 * @test
53 */
54 public function hasCorrectBaseClass() {
55 $hasCorrectBaseClass = get_class($this->objectInstance) === \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class;
56 // XCLASS ?
57 if (!$hasCorrectBaseClass && FALSE != get_parent_class($this->objectInstance)) {
58 $hasCorrectBaseClass = is_subclass_of($this->objectInstance, \TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::class);
59 }
60 $this->assertTrue($hasCorrectBaseClass);
61 }
62
63 /**
64 * @test
65 */
66 public function nonZeroSaltLength() {
67 $this->assertTrue($this->objectInstance->getSaltLength() > 0);
68 }
69
70 /**
71 * @test
72 */
73 public function emptyPasswordResultsInNullSaltedPassword() {
74 $password = '';
75 $this->assertNull($this->objectInstance->getHashedPassword($password));
76 }
77
78 /**
79 * @test
80 */
81 public function nonEmptyPasswordResultsInNonNullSaltedPassword() {
82 $this->skipTestIfBlowfishIsNotAvailable();
83 $password = 'a';
84 $this->assertNotNull($this->objectInstance->getHashedPassword($password));
85 }
86
87 /**
88 * @test
89 */
90 public function createdSaltedHashOfProperStructure() {
91 $this->skipTestIfBlowfishIsNotAvailable();
92 $password = 'password';
93 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
94 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
95 }
96
97 /**
98 * @test
99 */
100 public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting() {
101 $this->skipTestIfBlowfishIsNotAvailable();
102 $password = 'password';
103 // custom salt without setting
104 $randomBytes = \TYPO3\CMS\Core\Utility\GeneralUtility::generateRandomBytes($this->objectInstance->getSaltLength());
105 $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
106 $this->assertTrue($this->objectInstance->isValidSalt($salt));
107 $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
108 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
109 }
110
111 /**
112 * @test
113 */
114 public function createdSaltedHashOfProperStructureForMinimumHashCount() {
115 $this->skipTestIfBlowfishIsNotAvailable();
116 $password = 'password';
117 $minHashCount = $this->objectInstance->getMinHashCount();
118 $this->objectInstance->setHashCount($minHashCount);
119 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
120 $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
121 // reset hashcount
122 $this->objectInstance->setHashCount(NULL);
123 }
124
125 /**
126 * Tests authentication procedure with alphabet characters.
127 *
128 * Checks if a "plain-text password" is every time mapped to the
129 * same "salted password hash" when using the same salt.
130 *
131 * @test
132 */
133 public function authenticationWithValidAlphaCharClassPassword() {
134 $this->skipTestIfBlowfishIsNotAvailable();
135 $password = 'aEjOtY';
136 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
137 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
138 }
139
140 /**
141 * Tests authentication procedure with numeric characters.
142 *
143 * Checks if a "plain-text password" is every time mapped to the
144 * same "salted password hash" when using the same salt.
145 *
146 * @test
147 */
148 public function authenticationWithValidNumericCharClassPassword() {
149 $this->skipTestIfBlowfishIsNotAvailable();
150 $password = '01369';
151 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
152 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
153 }
154
155 /**
156 * Tests authentication procedure with US-ASCII special characters.
157 *
158 * Checks if a "plain-text password" is every time mapped to the
159 * same "salted password hash" when using the same salt.
160 *
161 * @test
162 */
163 public function authenticationWithValidAsciiSpecialCharClassPassword() {
164 $this->skipTestIfBlowfishIsNotAvailable();
165 $password = ' !"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~';
166 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
167 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
168 }
169
170 /**
171 * Tests authentication procedure with latin1 special characters.
172 *
173 * Checks if a "plain-text password" is every time mapped to the
174 * same "salted password hash" when using the same salt.
175 *
176 * @test
177 */
178 public function authenticationWithValidLatin1SpecialCharClassPassword() {
179 $this->skipTestIfBlowfishIsNotAvailable();
180 $password = '';
181 for ($i = 160; $i <= 191; $i++) {
182 $password .= chr($i);
183 }
184 $password .= chr(215) . chr(247);
185 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
186 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
187 }
188
189 /**
190 * Tests authentication procedure with latin1 umlauts.
191 *
192 * Checks if a "plain-text password" is every time mapped to the
193 * same "salted password hash" when using the same salt.
194 *
195 * @test
196 */
197 public function authenticationWithValidLatin1UmlautCharClassPassword() {
198 $this->skipTestIfBlowfishIsNotAvailable();
199 $password = '';
200 for ($i = 192; $i <= 214; $i++) {
201 $password .= chr($i);
202 }
203 for ($i = 216; $i <= 246; $i++) {
204 $password .= chr($i);
205 }
206 for ($i = 248; $i <= 255; $i++) {
207 $password .= chr($i);
208 }
209 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
210 $this->assertTrue($this->objectInstance->checkPassword($password, $saltedHashPassword));
211 }
212
213 /**
214 * @test
215 */
216 public function authenticationWithNonValidPassword() {
217 $this->skipTestIfBlowfishIsNotAvailable();
218 $password = 'password';
219 $password1 = $password . 'INVALID';
220 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
221 $this->assertFalse($this->objectInstance->checkPassword($password1, $saltedHashPassword));
222 }
223
224 /**
225 * @test
226 */
227 public function passwordVariationsResultInDifferentHashes() {
228 $this->skipTestIfBlowfishIsNotAvailable();
229 $pad = 'a';
230 $password = '';
231 $criticalPwLength = 0;
232 // We're using a constant salt.
233 $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
234 for ($i = 0; $i <= 128; $i += 8) {
235 $password = str_repeat($pad, max($i, 1));
236 $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
237 $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
238 if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
239 $criticalPwLength = $i;
240 break;
241 }
242 }
243 $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
244 }
245
246 /**
247 * @test
248 */
249 public function modifiedMinHashCount() {
250 $minHashCount = $this->objectInstance->getMinHashCount();
251 $this->objectInstance->setMinHashCount($minHashCount - 1);
252 $this->assertTrue($this->objectInstance->getMinHashCount() < $minHashCount);
253 $this->objectInstance->setMinHashCount($minHashCount + 1);
254 $this->assertTrue($this->objectInstance->getMinHashCount() > $minHashCount);
255 }
256
257 /**
258 * @test
259 */
260 public function modifiedMaxHashCount() {
261 $maxHashCount = $this->objectInstance->getMaxHashCount();
262 $this->objectInstance->setMaxHashCount($maxHashCount + 1);
263 $this->assertTrue($this->objectInstance->getMaxHashCount() > $maxHashCount);
264 $this->objectInstance->setMaxHashCount($maxHashCount - 1);
265 $this->assertTrue($this->objectInstance->getMaxHashCount() < $maxHashCount);
266 }
267
268 /**
269 * @test
270 */
271 public function modifiedHashCount() {
272 $hashCount = $this->objectInstance->getHashCount();
273 $this->objectInstance->setMaxHashCount($hashCount + 1);
274 $this->objectInstance->setHashCount($hashCount + 1);
275 $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
276 $this->objectInstance->setMinHashCount($hashCount - 1);
277 $this->objectInstance->setHashCount($hashCount - 1);
278 $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
279 // reset hashcount
280 $this->objectInstance->setHashCount(NULL);
281 }
282
283 /**
284 * @test
285 */
286 public function updateNecessityForValidSaltedPassword() {
287 $this->skipTestIfBlowfishIsNotAvailable();
288 $password = 'password';
289 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
290 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
291 }
292
293 /**
294 * @test
295 */
296 public function updateNecessityForIncreasedHashcount() {
297 $password = 'password';
298 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
299 $increasedHashCount = $this->objectInstance->getHashCount() + 1;
300 $this->objectInstance->setMaxHashCount($increasedHashCount);
301 $this->objectInstance->setHashCount($increasedHashCount);
302 $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
303 // reset hashcount
304 $this->objectInstance->setHashCount(NULL);
305 }
306
307 /**
308 * @test
309 */
310 public function updateNecessityForDecreasedHashcount() {
311 $this->skipTestIfBlowfishIsNotAvailable();
312 $password = 'password';
313 $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
314 $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
315 $this->objectInstance->setMinHashCount($decreasedHashCount);
316 $this->objectInstance->setHashCount($decreasedHashCount);
317 $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
318 // reset hashcount
319 $this->objectInstance->setHashCount(NULL);
320 }
321
322 }
TYPO3 CMS Core Development